alexlebens/helm-charts
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 368 Wiki Activity

remove taiga

Browse Source
This commit is contained in:
Alex Lebens
2024-06-01 18:13:42 -05:00
parent 238d01c5e4
commit 2cda957b4c
14 changed files with 0 additions and 2196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
charts/taiga/Chart.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: v2
name: taiga
version: 0.2.3
description: Chart for Taiga
keywords:
- kanban
- project management
sources:
- https://github.com/taigaio
- https://github.com/rabbitmq/rabbitmq-server
- https://github.com/bitnami/charts/tree/main/bitnami/rabbitmq
maintainers:
- name: alexlebens
icon: https://avatars.githubusercontent.com/u/6905422?s=200&v=4
dependencies:
- name: rabbitmq
version: 14.1.5
repository: https://charts.bitnami.com/bitnami
alias: async-rabbitmq
- name: rabbitmq
version: 14.1.5
repository: https://charts.bitnami.com/bitnami
alias: events-rabbitmq
appVersion: 6.7.7

17
charts/taiga/README.md
View File

@@ -1,17 +0,0 @@
## Introduction
[Taiga 6](https://github.com/taigaio)
Intuitive and simple, yet feature complete Kanban board
This chart bootstraps a [Taiga](https://github.com/taigaio) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes
- Helm
## Parameters
See the [values files](values.yaml).

135
charts/taiga/templates/_helpers.tpl
View File

@@ -1,135 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "taiga.name" -}}
{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "taiga.fullname" -}}
{{- if .Values.global.fullnameOverride -}}
{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.global.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label
*/}}
{{- define "taiga.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "taiga.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Common labels for specific components
*/}}
{{- define "taiga.back.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-back
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "taiga.async.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-async
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "taiga.front.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-front
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "taiga.events.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-events
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "taiga.protected.labels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-protected
helm.sh/chart: {{ template "taiga.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "taiga.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "taiga.back.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-back
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "taiga.async.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-async
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "taiga.front.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-front
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "taiga.events.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-events
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "taiga.protected.matchLabels" -}}
app.kubernetes.io/name: {{ template "taiga.name" . }}-protected
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "taiga.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "taiga.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the static persistent volume
*/}}
{{- define "taiga.staticVolumeName" -}}
{{- if .Values.persistence.static.existingClaim -}}
{{ .Values.persistence.static.existingClaim }}
{{- else -}}
{{ printf "%s-static" (include "taiga.fullname" .) | trunc 63 | trimSuffix "-" }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the media persistent volume
*/}}
{{- define "taiga.mediaVolumeName" -}}
{{- if .Values.persistence.media.existingClaim -}}
{{ .Values.persistence.media.existingClaim }}
{{- else -}}
{{ printf "%s-media" (include "taiga.fullname" .) | trunc 63 | trimSuffix "-" }}
{{- end -}}
{{- end -}}

36
charts/taiga/templates/config-map.yaml
View File

@@ -1,36 +0,0 @@
{{- if .Values.createInitialUser }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "taiga.fullname" . }}-create-initial-user
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
data:
createinitialuser.sh: |
#!/bin/sh
echo """
import time
import requests
import subprocess
print('Waiting for backend ...')
while requests.get('http://{{ template "taiga.fullname" . }}-back/api/v1/').status_code != 200:
print('...')
time.sleep(2)
if str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'users.user'], cwd='/taiga-back')).find('\"is_superuser\": true') == -1:
print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_user'], cwd='/taiga-back'))
else:
print('Admin user yet created.')
""" > /tmp/create_superuser.py
python /tmp/create_superuser.py
{{- end }}

515
charts/taiga/templates/deployment-back.yaml
View File

@@ -1,515 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "taiga.fullname" . }}-back
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.back.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: 3
replicas: {{ .Values.back.replicas }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "taiga.back.matchLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "taiga.back.labels" . | nindent 8 }}
app.kubernetes.io/component: {{ template "taiga.name" . }}-back
annotations:
{{- with .Values.back.podAnnotations }}
{{ toYaml . | nindent 8 }}
{{- end }}
spec:
affinity:
{{- with .Values.back.affinity }}
{{ toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
{{- with .Values.back.nodeSelector }}
{{ toYaml . | nindent 8 }}
{{- end }}
tolerations:
{{- with .Values.back.tolerations }}
{{ toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "taiga.serviceAccountName" . }}
securityContext:
{{- with .Values.back.securityContext }}
{{ toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ template "taiga.fullname" . }}-back
image: "{{ .Values.back.image.repository }}:{{ .Values.back.image.tag }}"
imagePullPolicy: {{ .Values.back.image.pullPolicy }}
resources:
{{ toYaml .Values.back.resources | nindent 12 }}
ports:
- name: taiga-back
containerPort: {{ .Values.back.service.port }}
protocol: TCP
volumeMounts:
- name: taiga-static
mountPath: /taiga-back/static
- name: taiga-media
mountPath: /taiga-back/media
env:
- name: TAIGA_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.secretKey.existingSecretName }}"
key: "{{ .Values.secretKey.existingSecretKey }}"
- name: ENABLE_TELEMETRY
value: "{{ .Values.enableTelemetry }}"
- name: PUBLIC_REGISTER_ENABLED
value: "{{ .Values.publicRegisterEnabled }}"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.usernameKey }}"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.passwordKey }}"
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.databaseNameKey }}"
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.hostKey }}"
{{ if .Values.oidc.enabled }}
- name: OIDC_ENABLED
value: "True"
- name: OIDC_SCOPES
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.scopesKey }}"
- name: OIDC_SIGN_ALGO
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.signatureAlgorithmKey }}"
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.clientIdKey }}"
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.clientSecretKey }}"
- name: OIDC_BASE_URL
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.baseUrlKey }}"
- name: OIDC_JWKS_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.jwksEndpointKey }}"
- name: OIDC_AUTHORIZATION_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.authorizationEndpointKey }}"
- name: OIDC_TOKEN_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.tokenEndpointKey }}"
- name: OIDC_USER_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.userEndpointKey }}"
{{ end }}
{{ if .Values.email.enabled }}
- name: EMAIL_BACKEND
value: "django.core.mail.backends.smtp.EmailBackend"
- name: DEFAULT_FROM_EMAIL
value: "{{ .Values.email.from }}"
- name: EMAIL_HOST
value: "{{ .Values.email.host }}"
- name: EMAIL_PORT
value: "{{ .Values.email.port }}"
- name: EMAIL_USE_TLS
value: "{{ .Values.email.tls }}"
- name: EMAIL_USE_SSL
value: "{{ .Values.email.ssl }}"
- name: EMAIL_HOST_USER
value: "{{ .Values.email.user }}"
- name: EMAIL_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Values.email.existingPasswordSecret }}"
key: "{{ .Values.email.existingSecretPasswordKey }}"
{{ end }}
- name: ENABLE_GITHUB_AUTH
value: "false"
- name: ENABLE_GITLAB_AUTH
value: "false"
- name: ENABLE_SLACK
value: "{{ .Values.enableSlack }}"
{{ if .Values.githubImporter.enabled }}
- name: ENABLE_GITHUB_IMPORTER
value: "True"
- name: GITHUB_API_CLIENT_ID
valueFrom:
secretKeyRef:
name: "{{ .Values.githubImporter.existingSecretName }}"
key: "{{ .Values.githubImporter.existingSecretClientIdKey }}"
- name: GITHUB_API_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: "{{ .Values.githubImporter.existingSecretName }}"
key: "{{ .Values.githubImporter.existingSecretClientSecretKey }}"
{{ else }}
- name: ENABLE_GITHUB_IMPORTER
value: "False"
{{ end }}
{{ if .Values.jiraImporter.enabled }}
- name: ENABLE_JIRA_IMPORTER
value: "True"
- name: JIRA_IMPORTER_CONSUMER_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretConsumerKeyKey }}"
- name: JIRA_IMPORTER_CERT
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretCertKey }}"
- name: JIRA_IMPORTER_PUB_CERT
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretPubCertKey }}"
{{ else }}
- name: ENABLE_JIRA_IMPORTER
value: "False"
{{ end }}
{{ if .Values.trelloImporter.enabled }}
- name: ENABLE_TRELLO_IMPORTER
value: "True"
- name: TRELLO_IMPORTER_API_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.trelloImporter.existingSecretName }}"
key: "{{ .Values.trelloImporter.existingSecretApiKeyKey }}"
- name: TRELLO_IMPORTER_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.trelloImporter.existingSecretName }}"
key: "{{ .Values.trelloImporter.existingSecretSecretKeyKey }}"
{{ else }}
- name: ENABLE_JIRA_IMPORTER
value: "False"
{{ end }}
- name: RABBITMQ_USER
value: "{{ index .Values "async-rabbitmq" "auth" "username" }}"
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: {{ index .Values "async-rabbitmq" "auth" "existingPasswordSecret" }}
key: {{ index .Values "async-rabbitmq" "auth" "existingSecretPasswordKey" }}
{{ if .Values.ingress.enabled }}
- name: TAIGA_SITES_DOMAIN
value: "{{ .Values.ingress.host }}"
- name: TAIGA_SITES_SCHEME
value: "https"
- name: SESSION_COOKIE_SECURE
value: "True"
- name: CSRF_COOKIE_SECURE
value: "True"
{{- end }}
{{- if .Values.back.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.back.service.port }}
initialDelaySeconds: {{ .Values.back.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.back.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.back.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.back.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.back.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.back.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.back.service.port }}
initialDelaySeconds: {{ .Values.back.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.back.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.back.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.back.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.back.readinessProbe.failureThreshold }}
{{- end }}
- name: {{ template "taiga.fullname" . }}-async
image: "{{ .Values.async.image.repository }}:{{ .Values.async.image.tag }}"
imagePullPolicy: {{ .Values.async.image.pullPolicy }}
resources:
{{ toYaml .Values.async.resources | nindent 12 }}
command:
- /taiga-back/docker/async_entrypoint.sh
volumeMounts:
- name: taiga-static
mountPath: /taiga-back/static
- name: taiga-media
mountPath: /taiga-back/media
env:
- name: TAIGA_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.secretKey.existingSecretName }}"
key: "{{ .Values.secretKey.existingSecretKey }}"
- name: ENABLE_TELEMETRY
value: "{{ .Values.enableTelemetry }}"
- name: PUBLIC_REGISTER_ENABLED
value: "{{ .Values.publicRegisterEnabled }}"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.usernameKey }}"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.passwordKey }}"
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.databaseNameKey }}"
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.hostKey }}"
{{ if .Values.oidc.enabled }}
- name: OIDC_ENABLED
value: "True"
- name: OIDC_SCOPES
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.scopesKey }}"
- name: OIDC_SIGN_ALGO
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.signatureAlgorithmKey }}"
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.clientIdKey }}"
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.clientSecretKey }}"
- name: OIDC_BASE_URL
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.baseUrlKey }}"
- name: OIDC_JWKS_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.jwksEndpointKey }}"
- name: OIDC_AUTHORIZATION_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.authorizationEndpointKey }}"
- name: OIDC_TOKEN_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.tokenEndpointKey }}"
- name: OIDC_USER_ENDPOINT
valueFrom:
secretKeyRef:
name: "{{ .Values.oidc.existingSecretName }}"
key: "{{ .Values.oidc.userEndpointKey }}"
{{ end }}
{{ if .Values.email.enabled }}
- name: EMAIL_BACKEND
value: "django.core.mail.backends.smtp.EmailBackend"
- name: DEFAULT_FROM_EMAIL
value: "{{ .Values.email.from }}"
- name: EMAIL_HOST
value: "{{ .Values.email.host }}"
- name: EMAIL_PORT
value: "{{ .Values.email.port }}"
- name: EMAIL_USE_TLS
value: "{{ .Values.email.tls }}"
- name: EMAIL_USE_SSL
value: "{{ .Values.email.ssl }}"
- name: EMAIL_HOST_USER
value: "{{ .Values.email.user }}"
- name: EMAIL_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Values.email.existingPasswordSecret }}"
key: "{{ .Values.email.existingSecretPasswordKey }}"
{{ end }}
- name: ENABLE_GITHUB_AUTH
value: "false"
- name: ENABLE_GITLAB_AUTH
value: "false"
- name: ENABLE_SLACK
value: "{{ .Values.enableSlack }}"
{{ if .Values.githubImporter.enabled }}
- name: ENABLE_GITHUB_IMPORTER
value: "True"
- name: GITHUB_API_CLIENT_ID
valueFrom:
secretKeyRef:
name: "{{ .Values.githubImporter.existingSecretName }}"
key: "{{ .Values.githubImporter.existingSecretClientIdKey }}"
- name: GITHUB_API_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: "{{ .Values.githubImporter.existingSecretName }}"
key: "{{ .Values.githubImporter.existingSecretClientSecretKey }}"
{{ else }}
- name: ENABLE_GITHUB_IMPORTER
value: "False"
{{ end }}
{{ if .Values.jiraImporter.enabled }}
- name: ENABLE_JIRA_IMPORTER
value: "True"
- name: JIRA_IMPORTER_CONSUMER_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretConsumerKeyKey }}"
- name: JIRA_IMPORTER_CERT
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretCertKey }}"
- name: JIRA_IMPORTER_PUB_CERT
valueFrom:
secretKeyRef:
name: "{{ .Values.jiraImporter.existingSecretName }}"
key: "{{ .Values.jiraImporter.existingSecretPubCertKey }}"
{{ else }}
- name: ENABLE_JIRA_IMPORTER
value: "False"
{{ end }}
{{ if .Values.trelloImporter.enabled }}
- name: ENABLE_TRELLO_IMPORTER
value: "True"
- name: TRELLO_IMPORTER_API_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.trelloImporter.existingSecretName }}"
key: "{{ .Values.trelloImporter.existingSecretApiKeyKey }}"
- name: TRELLO_IMPORTER_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.trelloImporter.existingSecretName }}"
key: "{{ .Values.trelloImporter.existingSecretSecretKeyKey }}"
{{ else }}
- name: ENABLE_JIRA_IMPORTER
value: "False"
{{ end }}
- name: RABBITMQ_USER
value: "{{ index .Values "async-rabbitmq" "auth" "username" }}"
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: {{ index .Values "async-rabbitmq" "auth" "existingPasswordSecret" }}
key: {{ index .Values "async-rabbitmq" "auth" "existingSecretPasswordKey" }}
{{ if .Values.ingress.enabled }}
- name: TAIGA_SITES_DOMAIN
value: "{{ .Values.ingress.host }}"
- name: TAIGA_SITES_SCHEME
value: "https"
- name: SESSION_COOKIE_SECURE
value: "True"
- name: CSRF_COOKIE_SECURE
value: "True"
{{- end }}
{{- if .Values.back.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.back.service.port }}
initialDelaySeconds: {{ .Values.back.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.back.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.back.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.back.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.back.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.back.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.back.service.port }}
initialDelaySeconds: {{ .Values.back.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.back.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.back.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.back.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.back.readinessProbe.failureThreshold }}
{{- end }}
volumes:
- name: taiga-static
{{- if .Values.persistence.static.enabled }}
persistentVolumeClaim:
claimName: {{ include "taiga.staticVolumeName" . }}
{{- else }}
emptyDir: {}
{{- end }}
- name: taiga-media
{{- if .Values.persistence.media.enabled }}
persistentVolumeClaim:
claimName: {{ include "taiga.mediaVolumeName" . }}
{{- else }}
emptyDir: {}
{{- end }}

101
charts/taiga/templates/deployment-events.yaml
View File

@@ -1,101 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "taiga.fullname" . }}-events
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.events.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: 3
replicas: {{ .Values.events.replicas }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "taiga.events.matchLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "taiga.events.labels" . | nindent 8 }}
app.kubernetes.io/component: {{ template "taiga.name" . }}-events
annotations:
{{- with .Values.events.podAnnotations }}
{{ toYaml . | nindent 8 }}
{{- end }}
spec:
affinity:
{{- with .Values.events.affinity }}
{{ toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
{{- with .Values.events.nodeSelector }}
{{ toYaml . | nindent 8 }}
{{- end }}
tolerations:
{{- with .Values.events.tolerations }}
{{ toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "taiga.serviceAccountName" . }}
securityContext:
{{- with .Values.events.securityContext }}
{{ toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ template "taiga.fullname" . }}-events
image: "{{ .Values.events.image.repository }}:{{ .Values.events.image.tag }}"
imagePullPolicy: {{ .Values.events.image.pullPolicy }}
resources:
{{ toYaml .Values.events.resources | nindent 12 }}
ports:
- name: taiga-events
containerPort: {{ .Values.events.service.http.port }}
protocol: TCP
- name: taiga-app
containerPort: {{ .Values.events.service.app.port }}
protocol: TCP
env:
- name: TAIGA_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.secretKey.existingSecretName }}"
key: "{{ .Values.secretKey.existingSecretKey }}"
- name: RABBITMQ_USER
value: "{{ index .Values "events-rabbitmq" "auth" "username" }}"
- name: RABBITMQ_PASS
valueFrom:
secretKeyRef:
name: {{ index .Values "events-rabbitmq" "auth" "existingPasswordSecret" }}
key: {{ index .Values "events-rabbitmq" "auth" "existingSecretPasswordKey" }}
- name: APP_PORT
value: "{{ .Values.events.service.app.port }}"
{{- if .Values.events.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.events.service.app.port }}
initialDelaySeconds: {{ .Values.events.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.events.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.events.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.events.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.events.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.events.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /healthz
port: {{ .Values.events.service.app.port }}
initialDelaySeconds: {{ .Values.events.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.events.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.events.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.events.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.events.readinessProbe.failureThreshold }}
{{- end }}

108
charts/taiga/templates/deployment-front.yaml
View File

@@ -1,108 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "taiga.fullname" . }}-front
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.front.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: 3
replicas: {{ .Values.front.replicas }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "taiga.front.matchLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "taiga.front.labels" . | nindent 8 }}
app.kubernetes.io/component: {{ template "taiga.name" . }}-front
annotations:
{{- with .Values.front.podAnnotations }}
{{ toYaml . | nindent 8 }}
{{- end }}
spec:
affinity:
{{- with .Values.front.affinity }}
{{ toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
{{- with .Values.front.nodeSelector }}
{{ toYaml . | nindent 8 }}
{{- end }}
tolerations:
{{- with .Values.front.tolerations }}
{{ toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "taiga.serviceAccountName" . }}
securityContext:
{{- with .Values.front.securityContext }}
{{ toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ template "taiga.fullname" . }}-front
image: "{{ .Values.front.image.repository }}:{{ .Values.front.image.tag }}"
imagePullPolicy: {{ .Values.front.image.pullPolicy }}
resources:
{{ toYaml .Values.front.resources | nindent 12 }}
ports:
- name: taiga-front
containerPort: {{ .Values.front.service.port }}
protocol: TCP
env:
{{ if .Values.ingress.enabled }}
- name: TAIGA_URL
value: "https://{{ .Values.ingress.host }}"
{{ else }}
- name: TAIGA_URL
value: "http://localhost:{{ .Values.front.service.port }}"
{{ end }}
- name: PUBLIC_REGISTER_ENABLED
value: "{{ .Values.publicRegisterEnabled }}"
- name: ENABLE_GITHUB_AUTH
value: "false"
- name: ENABLE_GITLAB_AUTH
value: "false"
- name: ENABLE_OIDC
value: "{{ .Values.oidc.enabled }}"
- name: ENABLE_SLACK
value: "{{ .Values.enableSlack }}"
- name: ENABLE_GITHUB_IMPORTER
value: "{{ .Values.githubImporter.enabled }}"
- name: ENABLE_JIRA_IMPORTER
value: "{{ .Values.jiraImporter.enabled }}"
- name: ENABLE_TRELLO_IMPORTER
value: "{{ .Values.trelloImporter.enabled }}"
{{- if .Values.front.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.front.service.port }}
initialDelaySeconds: {{ .Values.front.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.front.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.front.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.front.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.front.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.front.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.front.service.port }}
initialDelaySeconds: {{ .Values.front.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.front.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.front.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.front.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.front.readinessProbe.failureThreshold }}
{{- end }}

91
charts/taiga/templates/deployment-protected.yaml
View File

@@ -1,91 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "taiga.fullname" . }}-protected
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.protected.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
revisionHistoryLimit: 3
replicas: {{ .Values.protected.replicas }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "taiga.protected.matchLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "taiga.protected.labels" . | nindent 8 }}
app.kubernetes.io/component: {{ template "taiga.name" . }}-protected
annotations:
{{- with .Values.protected.podAnnotations }}
{{ toYaml . | nindent 8 }}
{{- end }}
spec:
affinity:
{{- with .Values.protected.affinity }}
{{ toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
{{- with .Values.protected.nodeSelector }}
{{ toYaml . | nindent 8 }}
{{- end }}
tolerations:
{{- with .Values.protected.tolerations }}
{{ toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "taiga.serviceAccountName" . }}
securityContext:
{{- with .Values.protected.securityContext }}
{{ toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ template "taiga.fullname" . }}-protected
image: "{{ .Values.protected.image.repository }}:{{ .Values.protected.image.tag }}"
imagePullPolicy: {{ .Values.protected.image.pullPolicy }}
resources:
{{ toYaml .Values.protected.resources | nindent 12 }}
ports:
- name: taiga-protected
containerPort: {{ .Values.protected.service.port }}
protocol: TCP
env:
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.secretKey.existingSecretName }}"
key: "{{ .Values.secretKey.existingSecretKey }}"
- name: MAX_AGE
value: "{{ .Values.maxAge }}"
{{- if .Values.protected.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.protected.service.port }}
initialDelaySeconds: {{ .Values.protected.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.protected.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.protected.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.protected.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.protected.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.protected.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /admin/login/
port: {{ .Values.protected.service.port }}
initialDelaySeconds: {{ .Values.protected.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.protected.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.protected.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.protected.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.protected.readinessProbe.failureThreshold }}
{{- end }}

74
charts/taiga/templates/ingress.yaml
View File

@@ -1,74 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ template "taiga.fullname" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- toYaml .Values.ingress.annotations | nindent 4 }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.ingress.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ template "taiga.fullname" . }}-secret-tls
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: /
backend:
service:
name: "{{ template "taiga.fullname" . }}-front"
port:
name: taiga-front
pathType: ImplementationSpecific
- path: /api
backend:
service:
name: "{{ template "taiga.fullname" . }}-back"
port:
name: taiga-back
pathType: ImplementationSpecific
- path: /admin
backend:
service:
name: "{{ template "taiga.fullname" . }}-back"
port:
name: taiga-back
pathType: ImplementationSpecific
{{ if .Values.oidc.enabled }}
- path: /oidc
backend:
service:
name: "{{ template "taiga.fullname" . }}-back"
port:
name: taiga-back
pathType: ImplementationSpecific
{{- end }}
- path: /events
backend:
service:
name: "{{ template "taiga.fullname" . }}-events"
port:
name: taiga-events
pathType: ImplementationSpecific
- path: /media
backend:
service:
name: "{{ template "taiga.fullname" . }}-protected"
port:
name: taiga-protected
pathType: ImplementationSpecific
{{- end }}

66
charts/taiga/templates/job.yaml
View File

@@ -1,66 +0,0 @@
{{- if .Values.createInitialUser }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "taiga.fullname" . }}-create-initial-user
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
backoffLimit: 4
template:
spec:
{{- if .Values.back.nodeSelector }}
nodeSelector:
{{ toYaml .Values.back.nodeSelector | nindent 8 }}
{{- end }}
restartPolicy: Never
containers:
- name: {{ template "taiga.fullname" . }}-create-initial-user
image: "{{ .Values.back.image.repository }}:{{ .Values.back.image.tag }}"
imagePullPolicy: {{ .Values.back.image.pullPolicy }}
command:
- sh
- /scripts/createinitialuser.sh
volumeMounts:
- name: create-initial-user
mountPath: /scripts
env:
- name: TAIGA_SECRET_KEY
valueFrom:
secretKeyRef:
name: "{{ .Values.secretKey.existingSecretName }}"
key: "{{ .Values.secretKey.existingSecretKey }}"
- name: POSTGRES_USERNAME
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.usernameKey }}"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.passwordKey }}"
- name: POSTGRES_DATABASE_NAME
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.databaseNameKey }}"
- name: POSTGRES_DATABASE_HOST
valueFrom:
secretKeyRef:
name: "{{ .Values.postgresql.existingSecretName }}"
key: "{{ .Values.postgresql.hostKey }}"
volumes:
- name: create-initial-user
configMap:
name: {{ template "taiga.fullname" . }}-create-initial-user
defaultMode: 0744
{{- end }}

54
charts/taiga/templates/persistent-volume-claim.yaml
View File

@@ -1,54 +0,0 @@
{{- if and .Values.persistence.static.enabled (not .Values.persistence.static.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "taiga.staticVolumeName" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.persistence.static.retain }}
helm.sh/resource-policy: keep
{{- end }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
storageClassName: {{ .Values.persistence.static.storageClass }}
accessModes:
- {{ .Values.persistence.static.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.static.size }}
{{- end }}
---
{{- if and .Values.persistence.media.enabled (not .Values.persistence.media.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "taiga.mediaVolumeName" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.persistence.media.retain }}
"helm.sh/resource-policy": keep
{{- end }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
storageClassName: {{ .Values.persistence.media.storageClass }}
accessModes:
- {{ .Values.persistence.media.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.media.size }}
{{- end }}

20
charts/taiga/templates/service-account.yaml
View File

@@ -1,20 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "taiga.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.serviceAccount.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.serviceAccount.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}

138
charts/taiga/templates/service.yaml
View File

@@ -1,138 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "taiga.fullname" . }}-back
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.back.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.back.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.back.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.back.service.type }}
ports:
- port: {{ .Values.back.service.port }}
targetPort: taiga-back
protocol: TCP
name: taiga-back
selector:
{{- include "taiga.back.matchLabels" . | nindent 4 }}
{{- with .Values.back.service.extraSelectorLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "taiga.fullname" . }}-events
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.events.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.events.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.events.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.events.service.type }}
ports:
- port: {{ .Values.events.service.http.port }}
targetPort: taiga-events
protocol: TCP
name: taiga-events
- port: {{ .Values.events.service.app.port }}
targetPort: taiga-app
protocol: TCP
name: taiga-app
selector:
{{- include "taiga.events.matchLabels" . | nindent 4 }}
{{- with .Values.events.service.extraSelectorLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "taiga.fullname" . }}-front
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.front.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.front.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.front.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.front.service.type }}
ports:
- port: {{ .Values.front.service.port }}
targetPort: taiga-front
protocol: TCP
name: taiga-front
selector:
{{- include "taiga.front.matchLabels" . | nindent 4 }}
{{- with .Values.front.service.extraSelectorLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "taiga.fullname" . }}-protected
namespace: {{ .Release.Namespace }}
annotations:
{{- with .Values.global.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.protected.service.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "taiga.protected.labels" . | nindent 4 }}
{{- with .Values.global.labels }}
{{ toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.protected.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.protected.service.type }}
ports:
- port: {{ .Values.protected.service.port }}
targetPort: taiga-protected
protocol: TCP
name: taiga-protected
selector:
{{- include "taiga.protected.matchLabels" . | nindent 4 }}
{{- with .Values.protected.service.extraSelectorLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}

817
charts/taiga/values.yaml
View File

@@ -1,817 +0,0 @@
## Global
##
global:
# -- Set an override for the prefix of the fullname
nameOverride:
# -- Set the entire name definition
fullnameOverride:
# -- Set additional global labels. Helm templates can be used.
labels: {}
# -- Set additional global annotations. Helm templates can be used.
annotations: {}
## Service Account
##
serviceAccount:
# -- Specifies whether a service account should be created
create: false
# -- Annotations to add to the service account
annotations: {}
# -- Labels to add to the service account
labels: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
## Secret key
## Specificy the secret name and the key containg a strong secret key
##
secretKey:
existingSecretName: ""
existingSecretKey: ""
## Create initial user with credentials admin/123123
## ref: https://taigaio.github.io/taiga-doc/dist/setup-production.html
##
# TODO: set to false by default or create with a random password which is stored in a secret
# or allow to pass in the data for username and secret
createInitialUser: true
## Max age
##
maxAge: 360
## Create initial templates
## ref: https://taigaio.github.io/taiga-doc/dist/setup-production.html
##
# TODO: This values seems to be unused
createInitialTemplates: false
## Telemetry settings
##
enableTelemetry: true
## Public registration
##
publicRegisterEnabled: true
## Enable debug
## ref: https://taigaio.github.io/taiga-doc/dist/setup-production.html
debug: false
## Postgresql
## Configuration is expected to be stored in a secret, reference the secret name and each key for the value
##
postgresql:
existingSecretName: ""
usernameKey: ""
passwordKey: ""
databaseNameKey: ""
hostKey: ""
portKey: ""
## OIDC authentication
## Configuration is expected to be stored in a secret, reference the secret name and each key for the value
##
oidc:
enabled: false
existingSecretName: ""
scopesKey: "" # "openid profile email"
signatureAlgorithmKey: "" # "RS256"
clientIdKey: "" # <generate from auth provider>
clientSecretKey: "" # <generate from auth provider>
baseUrlKey: "" # "https://id.fedoraproject.org/openidc"
jwksEndpointKey: "" # "https://id.fedoraproject.org/openidc/Jwks"
authorizationEndpointKey: "" # "https://id.fedoraproject.org/openidc/Authorization"
tokenEndpointKey: "" # "https://id.fedoraproject.org/openidc/Token"
userEndpointKey: "" # "https://id.fedoraproject.org/openidc/UserInfo"
## SMTP mail delivery configuration
## ref: https://taigaio.github.io/taiga-doc/dist/setup-production.html
##
email:
enabled: false
from: no-reply@example.com
host: localhost
port: 587
tls: false
ssl: false
user: ""
## Specificy an existing secret containg the password for the smtp user
##
existingPasswordSecret: ""
existingSecretPasswordKey: ""
## Slack
##
enableSlack: false
## Importers
##
# Github importer
githubImporter:
enabled: false
existingSecretName: ""
existingSecretClientIdKey: ""
existingSecretClientSecretKey: ""
# Jira importer
jiraImporter:
enabled: false
existingSecretName: ""
existingSecretConsumerKeyKey: ""
existingSecretCertKey: ""
existingSecretPubCertKey: ""
# Trello importer
trelloImporter:
enabled: false
existingSecretName: ""
existingSecretApiKeyKey: ""
existingSecretSecretKeyKey: ""
## taiga-back
##
back:
## Taiga image version
## ref: https://hub.docker.com/r/taigaio/taiga5/tags
##
image:
repository: taigaio/taiga-back
tag: "6.7.3"
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Define the number of pods the deployment will create
## Do not change unless your persistent volume allows more than one writer, ie NFS
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
##
replicas: 1
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
## taiga containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 2
# memory: 1Gi
requests: {}
# cpu: 1
# memory: 1Gi
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Environment variables, to pass to the entry point
##
# extraVars:
# - name: NAMI_DEBUG
# value: --log-level trace
## Service
##
service:
# -- Set the service type
type: ClusterIP
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Allow adding additional match labels
extraSelectorLabels: {}
# -- HTTP port number
port: 8000
## Async
##
async:
## Taiga image version
## ref: https://hub.docker.com/r/taigaio/taiga5/tags
##
image:
repository: taigaio/taiga-back
tag: "6.7.3"
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Define the number of pods the deployment will create
## Do not change unless your persistent volume allows more than one writer, ie NFS
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
##
replicas: 1
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## taiga containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 2
# memory: 1Gi
requests: {}
# cpu: 1
# memory: 1Gi
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Environment variables, to pass to the entry point
##
# extraVars:
# - name: NAMI_DEBUG
# value: --log-level trace
## Service
##
service:
# -- Set the service type
type: ClusterIP
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Allow adding additional match labels
extraSelectorLabels: {}
# -- HTTP port number
port: 8000
## Async Rabbitmq
## https://artifacthub.io/packages/helm/bitnami/rabbitmq?modal=values-schema
##
async-rabbitmq:
auth:
## @param auth.username RabbitMQ application username
## ref: https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq#environment-variables
##
username: taiga
## @param auth.existingPasswordSecret Existing secret with RabbitMQ credentials (existing secret must contain a value for `rabbitmq-password` key or override with setting auth.existingSecretPasswordKey)
## e.g:
## existingPasswordSecret: name-of-existing-secret
##
existingPasswordSecret: ""
existingSecretPasswordKey: ""
## @param auth.existingErlangSecret Existing secret with RabbitMQ Erlang cookie (must contain a value for `rabbitmq-erlang-cookie` key or override with auth.existingSecretErlangKey)
## e.g:
## existingErlangSecret: name-of-existing-secret
##
existingErlangSecret: ""
## @param auth.existingSecretErlangKey [default: rabbitmq-erlang-cookie] Erlang cookie key to be retrieved from existing secret
## NOTE: ignored unless `auth.existingErlangSecret` parameter is set
##
existingSecretErlangKey: ""
## @param configurationExistingSecret Existing secret with the configuration to use as rabbitmq.conf.
## Must contain the key "rabbitmq.conf"
## Takes precedence over `configuration`, so do not use both simultaneously
## With providing an existingSecret, extraConfiguration and extraConfigurationExistingSecret do not take any effect
##
configurationExistingSecret: ""
## @param extraConfiguration [string] Configuration file content: extra configuration to be appended to RabbitMQ configuration
## Use this instead of `configuration` to add more configuration
## Do not use simultaneously with `extraConfigurationExistingSecret`
##
extraConfiguration: |-
default_vhost = taiga
default_permissions.configure = .*
default_permissions.read = .*
default_permissions.write = .*
## Events
##
events:
## Taiga image version
## ref: https://hub.docker.com/r/taigaio/taiga5/tags
##
image:
repository: taigaio/taiga-events
tag: "6.7.0"
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
## Define the number of pods the deployment will create
## Do not change unless your persistent volume allows more than one writer, ie NFS
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
##
replicas: 1
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## taiga containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 2
# memory: 1Gi
requests: {}
# cpu: 1
# memory: 1Gi
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Environment variables, to pass to the entry point
##
# extraVars:
# - name: NAMI_DEBUG
# value: --log-level trace
## Service
##
service:
# -- Set the service type
type: ClusterIP
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Allow adding additional match labels
extraSelectorLabels: {}
http:
# -- HTTP port number
port: 8888
app:
# -- HTTP port number
port: 3023
## Events Rabbitmq
## https://artifacthub.io/packages/helm/bitnami/rabbitmq?modal=values-schema
##
events-rabbitmq:
auth:
## @param auth.username RabbitMQ application username
## ref: https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq#environment-variables
##
username: taiga
## @param auth.existingPasswordSecret Existing secret with RabbitMQ credentials (existing secret must contain a value for `rabbitmq-password` key or override with setting auth.existingSecretPasswordKey)
## e.g:
## existingPasswordSecret: name-of-existing-secret
##
existingPasswordSecret: ""
existingSecretPasswordKey: ""
## @param auth.existingErlangSecret Existing secret with RabbitMQ Erlang cookie (must contain a value for `rabbitmq-erlang-cookie` key or override with auth.existingSecretErlangKey)
## e.g:
## existingErlangSecret: name-of-existing-secret
##
existingErlangSecret: ""
## @param auth.existingSecretErlangKey [default: rabbitmq-erlang-cookie] Erlang cookie key to be retrieved from existing secret
## NOTE: ignored unless `auth.existingErlangSecret` parameter is set
##
existingSecretErlangKey: ""
## @param configurationExistingSecret Existing secret with the configuration to use as rabbitmq.conf.
## Must contain the key "rabbitmq.conf"
## Takes precedence over `configuration`, so do not use both simultaneously
## With providing an existingSecret, extraConfiguration and extraConfigurationExistingSecret do not take any effect
##
configurationExistingSecret: ""
## @param extraConfiguration [string] Configuration file content: extra configuration to be appended to RabbitMQ configuration
## Use this instead of `configuration` to add more configuration
## Do not use simultaneously with `extraConfigurationExistingSecret`
##
extraConfiguration: |-
default_vhost = taiga
default_permissions.configure = .*
default_permissions.read = .*
default_permissions.write = .*
## Protected
##
protected:
## Taiga image version
## ref: https://hub.docker.com/r/taigaio/taiga5/tags
##
image:
repository: taigaio/taiga-protected
tag: "6.7.0"
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
## Define the number of pods the deployment will create
## Do not change unless your persistent volume allows more than one writer, ie NFS
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
##
replicas: 1
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## taiga containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 2
# memory: 1Gi
requests: {}
# cpu: 1
# memory: 1Gi
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Environment variables, to pass to the entry point
##
# extraVars:
# - name: NAMI_DEBUG
# value: --log-level trace
## Service
##
service:
# -- Set the service type
type: ClusterIP
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Allow adding additional match labels
extraSelectorLabels: {}
# -- HTTP port number
port: 8003
## Front
##
front:
## Taiga image version
## ref: https://hub.docker.com/r/taigaio/taiga5/tags
##
image:
repository: taigaio/taiga-front
tag: "6.7.7"
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Define the number of pods the deployment will create
## Do not change unless your persistent volume allows more than one writer, ie NFS
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
##
replicas: 1
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## taiga containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 2
# memory: 1Gi
requests: {}
# cpu: 1
# memory: 1Gi
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Environment variables, to pass to the entry point
##
# extraVars:
# - name: NAMI_DEBUG
# value: --log-level trace
## Service
##
service:
# -- Set the service type
type: ClusterIP
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Allow adding additional match labels
extraSelectorLabels: {}
# -- HTTP port number
port: 80
## Configure the ingress resource that allows you to access the
## taiga installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
# -- Enables or disables the ingress
enabled: false
# -- Provide additional annotations which may be required.
annotations: {}
# -- Provide additional labels which may be required.
labels: {}
# -- Set the ingressClass that is used for this ingress.
className: ""
## Configure the hosts for the ingress
host: chart-example.local
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
static:
# -- Enables or disables the persistence item. Defaults to true
enabled: true
# -- Storage Class for the config volume.
# If set to `-`, dynamic provisioning is disabled.
# If set to something else, the given storageClass is used.
# If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner.
storageClass: ""
# -- If you want to reuse an existing claim, the name of the existing PVC can be passed here.
existingClaim: ""
# -- AccessMode for the persistent volume.
# Make sure to select an access mode that is supported by your storage provider!
# [[ref]](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes)
accessMode: ReadWriteOnce
# -- The amount of storage that is requested for the persistent volume.
size: 5Gi
# -- Set to true to retain the PVC upon `helm uninstall`
retain: false
media:
# -- Enables or disables the persistence item. Defaults to true
enabled: true
# -- Storage Class for the config volume.
# If set to `-`, dynamic provisioning is disabled.
# If set to something else, the given storageClass is used.
# If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner.
storageClass: ""
# -- If you want to reuse an existing claim, the name of the existing PVC can be passed here.
existingClaim: ""
# -- AccessMode for the persistent volume.
# Make sure to select an access mode that is supported by your storage provider!
# [[ref]](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes)
accessMode: ReadWriteOnce
# -- The amount of storage that is requested for the persistent volume.
size: 5Gi
# -- Set to true to retain the PVC upon `helm uninstall`
retain: false